Secure our Nation, Ignite your Future

ManTech holds the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. ManTech leadership works to continue this high level of industry recognition by affording our employees opportunities to break through barriers. We reinvest in our employees through rich educational opportunities such as 100% paid tuition for qualifying Bachelor’s and Master’s degrees, extensive training and certification programs enabling our employees to obtain industry recognized skills sets and certifications, as well as Communities of Practice where employees can engage and exchange knowledge  as well as a diverse and in-depth range of instruction and resources needed for personal and professional development through our very own ManTech University. In addition to those amazing benefits, ManTech also has a fully dedicated Career Mobility team to provide you with guidance and assistance to continue to grow your career with ManTech.

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first.  At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement. 

Currently, we are seeking a motivated, career and team-oriented cybersecurity data engineer in support of the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Continuous Diagnostic & Mitigation (CDM) Data Services Program. The CDM Data Services Program is a critical component of CISA’s national effort to ensure the defense and resilience of cyberspace.

The CDM Data Services Program mission is to provide a standardized platform to collect, transform, and integrate cybersecurity data from relevant authoritative data sources into a coherent data, delivering actionable information into Agency and Federal Dashboards to identify risk areas in support of mitigation as well as to facilitate coordinated agency and national response to cyber-threats.  

This is a remote position where the candidate can work from any location within the United States provided, they are able to work on an eastern time zone schedule.

We are seeking an experienced and skilled Journeyman NOSC (Network Operations and Security Center) Operations Analyst to join our team in support of the Continuous Diagnostics and Mitigation (CDM) program at the Cybersecurity and Infrastructure Security Agency (CISA) under the Department of Homeland Security (DHS). As a Journeyman NOSC Operations Analyst, you will play a key role in ensuring the availability, integrity, and confidentiality of critical government systems and networks through network operations and security monitoring activities.

Responsibilities:

Network Monitoring and Incident Response:

• Conduct real-time monitoring of network traffic within the NOSC to identify potential security events or incidents.
• Perform in-depth analysis of logs and alerts, leveraging security tools (e.g., SIEM, IDS/IPS) to investigate and respond to security events.
• Lead incident response efforts by coordinating with internal teams, external stakeholders, and senior analysts.
• Develop and execute containment, eradication, and recovery strategies to mitigate the impact of security incidents.

Operations Support and Troubleshooting:

• Monitor the availability, performance, and integrity of applications, network connections, and infrastructure systems.
• Proactively identify and resolve operational issues, conducting root cause analysis and implementing appropriate remediation measures.
• Provide Tier 2 support, serving as an escalation point for complex technical issues and collaborating with Tier 1 help desk support.

Security Event Analysis:

• Conduct advanced analysis of security events and alerts, utilizing threat intelligence and industry best practices to uncover sophisticated threats.
• Investigate and respond to potential advanced persistent threats (APTs), targeted attacks, and insider threats.
• Develop and optimize security monitoring use cases, rules, and signatures to improve detection capabilities.

Collaboration and Reporting:

• Collaborate with cross-functional teams to gather information, share insights, and ensure incidents and events are appropriately documented.
• Prepare comprehensive incident reports, including incident timelines, root cause analysis, and recommendations for proactive security improvements.
• Communicate effectively with internal and external stakeholders, providing updates on incidents, investigations, and mitigation efforts.

Continuous Improvement and Innovation:

• Contribute to the enhancement of security monitoring processes and procedures, developing and implementing efficient workflows.
• Assist in the development and maintenance of standard operating procedures (SOPs) and guidelines for NOSC operations.
• Stay abreast of emerging cyber threats, security technologies, and industry trends to drive continuous improvement and innovation.

Position Requirements

• Bachelor’s degree in Computer Science, Information Systems, or a related field (relevant experience may substitute for a degree).
• In-depth knowledge of network protocols, infrastructure, and security best practices.
• Extensive experience in network security monitoring and incident response, including analysis of logs, alerts, and network traffic.
• Proficiency with security monitoring tools (e.g., SIEM, IDS/IPS), threat intelligence platforms, and malware analysis tools.
• Strong technical troubleshooting skills and experience with operations support, including application availability and network connectivity.
• Demonstrated understanding of advanced threats, APTs, and insider threats.
• Excellent analytical and problem-solving abilities with a focus on continual improvement.
• Effective written and verbal communication skills, including the ability to convey complex technical information to both technical and non-technical audiences.
• Effective collaboration skills, with proven experience working in multidisciplinary teams.
• Flexibility to work rotating shifts, weekends, and occasional on-call duties as needed.

Additional Skills

• Ticketing Software
• Azure or AWS Hands-on Experience
• A security certification such as CompTIA Security+

Security/Clearance Requirements

• Must be a US citizen and pass a background investigation.
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

Physical Requirements

• Office work, typically sedentary with some movement around the office

The projected compensation range for this position is $72,100-$120,900. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, ManTech invests in it’s employees beyond just compensation. ManTech’s benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections.

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.